2defbb63a1adb78ad7f919ae00dbdaec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2defbb63a1adb78ad7f919ae00dbdaec_JaffaCakes118
Size

151KB
MD5

2defbb63a1adb78ad7f919ae00dbdaec
SHA1

bdd78c2d6e6e9a1429963764bc1b618727399642
SHA256

b593bbfb1879023cb3857bf7bb9d4af9ef7e7c26055cd8f1e423d8146c302012
SHA512

9e539e34696461eb2f38743678a5139fc67657675839ce2e2309232c204d0f0f92e2ed0f1843229406ea4b4b1bbfc325ca9147a7312a919db60297c279bc3a5f
SSDEEP

3072:E5X0QsA6MiJd4B3/v8nPLYCxc3QgEKHx7QTebb36ZgN6N6RYAXgAZVqm:M0aOd6v2bnrKHxmebagN6N6RYAXgA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2defbb63a1adb78ad7f919ae00dbdaec_JaffaCakes118

Files

2defbb63a1adb78ad7f919ae00dbdaec_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6e67b87723042c25d2b3833105939b72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconA
SHGetFileInfoA
ExtractIconW

comctl32

ImageList_Draw
ImageList_Create

gdi32

CreateDIBSection
SetPixel
ExtTextOutA
StartDocA
StartDocW
CreateCompatibleDC
CreateFontIndirectA
SetBkMode
GetTextColor
EndDoc
SetBkColor

dpmofilt

_FExp
_Tolower
_Denorm
_Stod
_Strxfrm
_Stof
_LSinh
_LDtest
_FCosh
_Strcoll
_Hugeval
_LXbig
_LExp
_Getctype

user32

CreateWindowExA
MapWindowPoints
GetWindowRect
GetWindowTextA
OffsetRect
CheckRadioButton
SetCursor
ShowCaret
MessageBoxA
OpenClipboard
UnhookWindowsHookEx
CallNextHookEx
EnumChildWindows
EnableMenuItem
DestroyWindow
GetWindowDC
GetMenuItemCount
InvalidateRect
GetWindowThreadProcessId
SetActiveWindow
WindowFromPoint
EmptyClipboard
DrawFocusRect
GetClientRect
ReleaseDC
TranslateMDISysAccel
GetMessageA
CreateWindowExW
GetKeyboardType
ShowWindow
GetClassLongA
LoadImageA
GetClassNameA
CallWindowProcA
GetWindowTextW

kernel32

VirtualProtect
lstrcmpiA
VirtualQueryEx
lstrcatA
DeviceIoControl
lstrlenW
TlsSetValue
FindClose
ReadFile
CompareStringW
GetProcessHeap
GetTempPathW
UnhandledExceptionFilter
FileTimeToSystemTime
FindResourceA
GetModuleHandleA
OpenFileMappingA
GetCPInfoExA
UnmapViewOfFile
EnumSystemCodePagesA
WriteFile
SetPriorityClass
TerminateThread
SwitchToThread
GetFileAttributesA
GetTickCount
GetCommandLineA
VirtualAlloc
GetTempFileNameW
MapViewOfFileEx
TerminateProcess
GetCurrentThread
GlobalMemoryStatus
SetFileAttributesW
GetStdHandle
WaitForMultipleObjects
CreateFileMappingW
DosDateTimeToFileTime
VirtualQuery
FreeLibrary
WriteProcessMemory
LocalFileTimeToFileTime
LoadLibraryExA
MoveFileW
GetTempPathA
Sleep
FileTimeToDosDateTime
CloseHandle
FindFirstFileW

winspool

OpenPrinterA

advapi32

RegOpenKeyExA
RegDeleteKeyA
AdjustTokenPrivileges

Sections

.text
Size: 144KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e67b87723042c25d2b3833105939b72

Headers

DLL Characteristics

File Characteristics

Imports

shell32

comctl32

gdi32

dpmofilt

user32

kernel32

winspool

advapi32

Sections

.text Size: 144KB - Virtual size: 148KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 148KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB